<?#//v.3.1.1
#///////////////////////////////////////////////////////
#//  COPYRIGHT 2007 Phpauction.org ALL RIGHTS RESERVED//
#///////////////////////////////////////////////////////

require('../includes/config.inc.php');
include "loggedin.inc.php";

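unset($ERR);

#// Handle the "update" form submission.
#// phpa_securepost() is defined elsewhere; presumably it validates the hidden
#// "security" token posted by the form in this file -- confirm.
if(isset($_POST['action']) && $_POST['action'] == "update" && phpa_securepost($_POST)) {
	#// Request values are assumed to arrive slash-escaped (this handler has always
	#// stripped slashes from maintainancetext) -- confirm against config.inc.php.
	#// Non-string values (e.g. array parameters) are treated as empty.
	$superuser = (isset($_POST['superuser']) && is_string($_POST['superuser']))
		? stripslashes($_POST['superuser'])
		: '';
	$raw_text = (isset($_POST['maintainancetext']) && is_string($_POST['maintainancetext']))
		? stripslashes($_POST['maintainancetext'])
		: '';
	#// Anything other than an explicit 'y' is stored as 'n', so the enum column
	#// never receives request-supplied text.
	$active = (isset($_POST['active']) && $_POST['active'] == 'y') ? 'y' : 'n';

	#// Check if the specified user exists.
	#// The nick is escaped for the SQL string literal instead of being
	#// interpolated straight from the request.
	$query = "SELECT id FROM PHPAUCTIONXL_users WHERE nick='".mysql_real_escape_string($superuser)."'";
	$res_ = @mysql_query($query);
	if(!$res_) {
		#// The statement contains request data, so it is HTML-escaped before being echoed.
		#// NOTE(review): the page still shows SQL and driver errors to the browser;
		#// consider logging them server-side instead.
		print "Error: ".htmlspecialchars($query, ENT_QUOTES, 'ISO-8859-1')."<BR>".htmlspecialchars(mysql_error(), ENT_QUOTES, 'ISO-8859-1');
		exit;
	} elseif(mysql_num_rows($res_) == 0 && $active == 'y') {
		#// Maintenance mode may only be switched on for an existing user.
		$ERR = $ERR_025;
	} else {
		#// Update database
		#// PHP_4 is not defined in this file; presumably a constant from
		#// config.inc.php that is true when running on PHP 4 -- confirm.
		if (!PHP_4) {
			require_once './htmlpurifier/library/HTMLPurifier.auto.php';
			$config = HTMLPurifier_Config::createDefault();
			$config->set('Core', 'Encoding', 'ISO-8859-1');
			$config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
			$config->set('HTML', 'AllowedElements', 'div,a,em,blockquote,p,code,pre,table,font,tbody,td,tr,b,strong,u,ul,li,ol');
			$purifier = new HTMLPurifier($config);
		} else {
			#// NOTE(review): this fallback is a project class; whether it also filters
			#// attributes (event handlers, URL schemes) is not visible here -- confirm.
			require_once './class/phpauction_purify.php';
			$purifier = new HTMLPurifier();
			$purifier->allowed_tags(array("div","a","em","blockquote","p","code","pre","table","font","tbody","td","tr","b","strong","u","ul","li","ol"));
		}

		#// Purifying makes the markup safe to render; it does not make it safe to
		#// place inside an SQL string literal, so it is escaped again below.
		$clean_html = $purifier->purify($raw_text);
		$_POST['maintainancetext'] = $clean_html;

		#// The statement has no WHERE clause: every row of the table is updated
		#// (the page creates the table with a single row).
		#// superuser is stored entity-encoded, as before; the charset matches the
		#// ISO-8859-1 encoding configured for the purifier above.
		$query = "UPDATE PHPAUCTIONXL_maintainance SET
					  superuser='".mysql_real_escape_string(htmlentities($superuser, ENT_COMPAT, 'ISO-8859-1'))."',
					  maintainancetext='".mysql_real_escape_string($clean_html)."',
					  active='".$active."'";
		$res = @mysql_query($query);
		if(!$res) {
			print "Error: ".htmlspecialchars($query, ENT_QUOTES, 'ISO-8859-1')."<BR>".htmlspecialchars(mysql_error(), ENT_QUOTES, 'ISO-8859-1');
			exit;
		} else {
			$ERR = $MSG__0005;
		}
	}
}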

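#//
#// Check if the maintainance table exists
#// Start from an empty list: otherwise $TABLES is undefined when the database has
#// no tables, and with register_globals enabled a request parameter could pre-seed it.
$TABLES = array();
$result = mysql_list_tables($DbDatabase);

if (!$result) {
	print "DB Error, could not list tables\n";
	print 'MySQL Error: ' . mysql_error();
	exit;
}

while ($row = mysql_fetch_row($result)) {
	$TABLES[] = $row[0];
}
if(!in_array("PHPAUCTIONXL_maintainance",$TABLES)) {
	#// First run: create the table and seed it with a single inactive row.
	#// NOTE(review): TYPE= is the older spelling of ENGINE=; newer MySQL servers
	#// reject it -- confirm which server versions must be supported.
	$query = "CREATE TABLE PHPAUCTIONXL_maintainance (
				  id int(11) NOT NULL auto_increment,
				  active enum('y','n'),
				  superuser varchar(32),
				  maintainancetext text,
				  KEY id (id)
				  ) TYPE=MyISAM;";
	$rr_ = @mysql_query($query);
	if(!$rr_) {
		#// NOTE(review): the SQL text and driver error go to the browser here and in
		#// the branches below; the statements are static, but logging server-side
		#// would disclose less.
		print "Error: $query<BR>".mysql_error();
		exit;
	} else {
		$query = "INSERT INTO PHPAUCTIONXL_maintainance VALUES(
					  NULL,'n','','<BR><CENTER><B>Under maintainance</B></CENTER>')";
		$rr_ = @mysql_query($query);
		if(!$rr_) {
			print "Error: $query<BR>".mysql_error();
			exit;
		}
	}
}

#// Load the stored settings for display in the form.
$query = "SELECT * FROM PHPAUCTIONXL_maintainance";
$res = @mysql_query($query);
if(!$res) {
	print "Error: $query<BR>".mysql_error();
	exit;
} elseif(mysql_num_rows($res) > 0) {
	#// The request data is replaced by the stored row, so the template below reads
	#// database values through $_POST. When the table has no rows, $_POST still
	#// holds the raw request, so the template must escape whatever it prints.
	$_POST = mysql_fetch_array($res);
}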

?>
<HTML>
<HEAD>
<link rel='stylesheet' type='text/css' href='style.css' />
<script type="text/javascript" src="../js/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script type="text/javascript">
// Turn the page's textareas into TinyMCE rich-text editors.
// Everything configured here is enforced only in the browser. The POST handler
// in this file purifies the submitted text with its own, narrower element
// allow-list, and that server-side step is the actual security control.
tinyMCE.init({
        mode : "textareas",
        theme : "advanced",
        language: "en",
        plugins : "table",
        theme_advanced_buttons1 : "backcolor, forecolor, bold,italic,underline,separator,strikethrough,justifyleft,justifycenter,justifyright, justifyfull,bullist,numlist,undo,redo,link,unlink",
        theme_advanced_buttons2 : "fontselect, fontsizeselect, image",
        theme_advanced_buttons3 : "tablecontrols",
        theme_advanced_toolbar_location : "top",
        theme_advanced_toolbar_align : "left",
        // NOTE(review): "false" is a non-empty string, which is truthy in JavaScript;
        // whether TinyMCE reads it as the boolean false is not visible here -- confirm
        // or pass the literal false.
        force_br_newlines : "false",
        // The editor is allowed to keep event-handler attributes (onclick, onmouseover,
        // onmouseout) and img/span/hr elements that the server-side allow-list in this
        // file does not include; content using them is expected to change when saved.
        // NOTE(review): consider trimming this list to match the server-side one.
        extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]"
});
</script>

<link href="css/main.css" rel="stylesheet" type="text/css">
</HEAD>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0" class="titulo">
        <tr> 
          <td class="icono"><img src="images/tools_icon2.gif" width="27" height="24" ></td>
          <td class="breadcrumbs"><p><span><?=$MSG_5436?></span>&nbsp;&gt;&gt;&nbsp;<?=$MSG__0001?></p></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td align="center" valign="middle">&nbsp;</td>
  </tr>
    <tr> 
    <td align="center" valign="middle">
<TABLE BORDER=0 WIDTH=95% CELLPADDING=0 CELLSPACING=0 BGCOLOR="#FFFFFF">
<TR>
<TD>
<BR>
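<?php /* Settings form. The action URL comes from PHP_SELF, which reflects the
         requested path, so it is HTML-escaped and the attribute is quoted. */ ?>
<FORM NAME=conf ACTION="<?=htmlspecialchars(basename($_SERVER['PHP_SELF']), ENT_QUOTES, 'ISO-8859-1')?>" METHOD=POST>
	<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="0" class="base">
		<TR>
			<TD class=title>
				<p><? print $MSG__0001; ?></p>
			</TD>
		</TR>
		<TR>
			<TD>

<TABLE WIDTH=100% ALIGN="CENTER" CELLPADDING=0 cellspacing="0" BGCOLOR="#FFFFFF">
  <?
  #// $ERR is only ever assigned from the message variables in the handler above.
  if(isset($ERR)) {
  ?>
  <TR>
	<TD COLSPAN="2" class="error"><B>
	 <p> <? print $ERR; ?></p>
	  </B></TD>
  </TR>
  <?
  }
  ?>
  <TR VALIGN="TOP">
	<TD colspan="2" >
	  <p><? print $MSG__0002; ?></p>	  </TD>
	</TR>
  <TR VALIGN="TOP">
	<TD WIDTH=109 HEIGHT="22" class="gris lineV">
	  <p class="blue"><? print $MSG__0006; ?></p>	  </TD>
	<TD WIDTH="375" HEIGHT="22" class="gris">
	  <INPUT TYPE="radio" NAME="active" VALUE="y" <? if(isset($_POST['active']) && $_POST['active'] == 'y') print " checked"?>>
	  <?=$MSG_030?>
	  <INPUT TYPE="radio" NAME="active" VALUE="n" <? if(isset($_POST['active']) && $_POST['active'] == 'n') print " checked"?>>
	  <?=$MSG_029?>	  </TD>
  </TR>
  <TR VALIGN="TOP">
	<TD WIDTH=109 HEIGHT="22" class="lineV">
	 <p class="blue"> <? print $MSG__0003; ?></p>	  </TD>
	<TD WIDTH="375" HEIGHT="22">
<?php /* superuser is stored entity-encoded by the update handler, but $_POST can
         still hold the raw request when no row was loaded. Decoding first and
         then escaping gives the same attribute value in both cases without
         double-encoding. */ ?>
	  <INPUT TYPE="text" NAME="superuser" VALUE="<?=htmlspecialchars(html_entity_decode(isset($_POST['superuser']) ? $_POST['superuser'] : '', ENT_QUOTES, 'ISO-8859-1'), ENT_QUOTES, 'ISO-8859-1')?>">	  </TD>
  </TR>
  <TR VALIGN="TOP">
	<TD WIDTH=109 HEIGHT="22" class="lineV">
	 <p class="blue">  <? print $MSG__0004; ?></p>	  </TD>
	<TD WIDTH="375" HEIGHT="22">
<?php /* The stored markup is escaped so the textarea receives it as source text;
         the browser decodes it once and hands the original HTML to the editor. */ ?>
	  <textarea name="maintainancetext" cols="65" rows="15"><?=htmlspecialchars(isset($_POST['maintainancetext']) ? $_POST['maintainancetext'] : '', ENT_QUOTES, 'ISO-8859-1')?></textarea>	  </TD>
  </TR>

  <TR>
	<TD WIDTH=109 class="lineV">
	  <INPUT TYPE="hidden" NAME="action" VALUE="update" /> <INPUT TYPE="hidden" NAME="security" VALUE="<?php echo htmlspecialchars($_SESSION['security'], ENT_QUOTES, 'ISO-8859-1');?>" />	</TD>
	<TD WIDTH="375">
	  <INPUT TYPE="submit" NAME="act" VALUE="<? print $MSG_530; ?>" class="action">	</TD>
  </TR>
  <TR>
	<TD WIDTH=109></TD>
	<TD WIDTH="375"> </TD>
  </TR>
</TABLE>
			</TD>
		</TR>
	</TABLE>
	</FORM>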
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
